Category: MS17-010 Security Update

The new Adylkuzz Malware attack uses the same tools that were used by the WannaCry Ransomware (EternalBlue, for instance), which were released by The Shadow Brokers back in April. The EternalBlue code scans a network to find computers running the Microsoft SMB v1.0 protocol service (open TCP ports 139 and 445 along with UDP ports 137 and 138). When it finds one, it can then install the malware. Adylkuzz is infecting thousands of computers around the globe. Microsoft released a Security Patch back in March which addressed the SMB vulnerability. Last week Microsoft also released further Windows Security Patches for Windows systems going back to Windows XP. Microsoft’s Windows Security Updates will stop the spread of WannaCry and Adylkuzz once the Security Patches have been installed and the system rebooted. At the bottom of this post, you will find links to the official Microsoft Patches.

This new Adylkuzz Malware does not request any ransom from the owner of the infected computer. It does its processing in the background. One interesting aspect of the way Adylkuzz works is that once it infects a computer, it disables the SMB v1.0 protocol. That move prevents any other Malware from infecting the computer. Adylkuzz may very well have protected thousands of computers around the globe from becoming infected by the WannaCry Ransomware, because Adylkuzz is believed to have been running in the wild on the internet for many weeks, since before the WannaCry attack was launched.

Adylkuzz is essentially a Cryptocurrency Miner. It is being reported that Adylkuzz does not damage any files. A lot of people use their powerful computers to do Cryptocurrency Mining. Cryptocurrencies like Monero and Bitcoin are essentially untraceable Internet money which can be converted to a National Currency or used directly on the Internet. Adylkuzz mines the Monero Cryptocurrency. Once installed on the infected computer, it will start to use computer resources. On an older, slow PC, the end user will notice a dramatic slowdown. On a Top End fast PC, there will be a far less noticeable slowdown. What will be dramatically affected will be one’s usable internet bandwidth. Downloads and even web page loading will take longer. Watching internet videos will also be affected by slowdowns.

To prevent being infected by either WannaCry or Adylkuzz, one needs to make sure that any Microsoft Windows Security Updates have been installed. Yes, one can manually disable the SMB v1.0 protocol on a PC, but the Microsoft Security Patches also patch other holes and vulnerabilities in the Windows Operating Systems. Install the Windows Security Patches. Also make sure to update any and all of your Computer Security software, like your Firewall, Anti-Virus, and Anti-Malware software. Then consider buying an external hard drive (if you do not already have one) and start backing up your data. Having a daily Backup of your data files costs far less than having to pay a ransom, should your PC become infected.
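
One way to check a Windows PC for the exposure described above, as an added example that is not part of the original post. The function name Test-Smb1Exposure, its -RequiredKb parameter and the KB0000000 placeholder are assumptions made for this example; the cmdlets are standard ones on Windows 8 / Server 2012 and later and need an elevated PowerShell prompt.

```powershell
# Added example: audit this machine's SMBv1 exposure (run from an elevated PowerShell).
# Test-Smb1Exposure and its -RequiredKb parameter are names made up for this example.
function Test-Smb1Exposure {
    param(
        # KB IDs of the MS17-010 update for this Windows build, taken from the
        # Microsoft bulletin. 'KB0000000' is a placeholder, not a real ID.
        [string[]]$RequiredKb = @('KB0000000')
    )

    # SMB server side: is the SMBv1 dialect still accepted?
    $smb1Server = $null
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        $smb1Server = (Get-SmbServerConfiguration).EnableSMB1Protocol
    }

    # Optional-feature state; stays $null where the feature is not listed.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue

    # Is anything listening on the TCP ports named in the post?
    $listening = @(Get-NetTCPConnection -State Listen -LocalPort 139, 445 -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty LocalPort -Unique)

    # Which of the supplied KBs are installed? A later cumulative update can supersede
    # them, so a missing KB means "check the update history", not "unpatched".
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue | Select-Object -ExpandProperty HotFixID)
    $missingKb = @($RequiredKb | Where-Object { $installed -notcontains $_ })

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = $smb1Server
        Smb1FeatureState  = if ($feature) { $feature.State } else { $null }
        ListeningTcpPorts = $listening
        MissingKb         = $missingKb
    }
}

Test-Smb1Exposure | Format-List

# To turn off the SMBv1 server dialect after reviewing the result:
# Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
```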

The following was posted by Anonymous on their YouTube channel TORnado – Anonymous France. Permission to share was posted on their YouTube channel along with the video linked to below:

“Published on May 17, 2017

Greetings citizens of the world,

We are Anonymous.

This is a new warning about a massive hack.
Following the attack “WannaCry Ransomware”, a much larger hack was discovered.

Much more vicious, better hidden and bringing much more money to black-hat hackers, this massive virus is called “Adylkuzz” and simply uses the same flaw as WannaCry.
This is once again a computer tool stolen from the NSA.
But this time it is not your data that is affected but your entire computer that, through the rat, will become a miner zombie of crypto-currency.

For the moment of what we, Anonymous know, here is the process:

The virus enters the computer with DoublePulsar and EternalBlue, via the MS17-010 fault on the TCP port 445 as the previous “WannaCryptor” but there will be nothing on the screen. You will not even know that you are infected.

Then the hack will begin mining the cryptocurrency with your machine, i.e. you will produce virtual currency of type “Monero”, similar to the famous bitcoin, without you knowing it and for free, for hackers you do not know.
Knowing that the mining uses the abilities of the PC, the victim then undergoes slowdowns, which causes a malfunction of the computer.

Several hundred thousand people would already be in this case, that’s why we’re alerting you once again. It seems that “WannaCry” was only the part of the iceberg, stay alert, update your Windows and keep your antivirus.

On our side we follow different tracks to find these hackers. Already about 40,000 dollars in Monero have recently been discovered, probably the money gained through the hack.

The cryptocurrency is thus once again likely to have a bad image in the media, whereas this currency remains a practical and anonymous means to buy or give money.

Now calls to the Anonymous, it’s time to stop these criminals and help those affected or not knowing how to protect themselves.
The NSA cannot even protect its own data, so we can only count on ourselves.
In any event,

We’re Anonymous,
We are Legion,
We do not forget,
We do not forgive,
Rogues, thieves, whoever you are,
Expect us.”

Published under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license.

Attribution — You must give appropriate credit to Vincent Banial, provide a link back to https://uniquelytoronto.wordpress.com, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
